IT Security Advisor II

Facility:  Information Technology & Telecom
Location: 

Plainsboro, NJ, US

About the Department                                                                                                                                                 

At Novo Nordisk, our Strategy, Finance, and Operations team works to provide strategic direction to the company, ensuring that everything we do is viable and built to last. Overseeing and safeguarding Novo Nordisk’s short and long-term planning, the Strategy, Finance and Operations team works closely with the business across the organization to develop strategies and business plans, monitor industry trends, and provide operating recommendations. We regulate accounting, uphold workplace safety, manage our supply chain and sampling, support technology, provide commercial insights & analytics, maintain our facilities and assure the integrity and completeness of all business transactions. At Novo Nordisk, you will have the opportunity to build a life-changing career in a global business environment. We encourage our employees to make the most of their talent. And we reward hard work and dedication with the opportunity for continuous learning and personal development. Are you ready to realize your potential?

 

The Position

This business-oriented information security professional provides advisory support to IT projects within the Americas region. Individuals in this position will ensure that information security risks are effectively assessed, understood, and managed in alignment with our risk management process.

 

The individual in this position will:

  • Seek understanding of business processes and systems
  • Build relationships with stakeholders within Global IT and the broader business
  • Implement information security strategy
  • Advise system and project teams on information security procedures
  • Conduct risk identification and assessment with attention to the business processes and goals
  • Develop and support implementation of business-oriented security strategies
  • Develop and conduct targeted security training
  • Support other projects and duties as assigned

 

Individuals in this position will demonstrate expertise with information security threats, vulnerabilities, risks, and mitigating controls. This position will require an understanding of enterprise technologies such as networks, operating systems, application architecture, and cloud service models. This person will be responsible for performing technical risk assessments of systems and will assist with identification and documentation of controls to protect these systems.

 

Relationships

This position reports directly to the Senior Manager, Global Security Operations – Americas and works in alignment with the Denmark based Global Information Security Advisory department to extend their advisory services throughout the Americas region. Provides information security advisory support to project managers, system managers, line of business representatives, IT operations staff, and application development teams.

 

This role will interface routinely with key stakeholders including senior security operations personnel, Global Information Security management team members, line of business personnel, as well as third party technology service providers.

 

Essential Functions

  • Seeks understanding of business processes to align information security efforts and ensure success for the organization
  • Demonstrates high knowledge in multiple domains of IT Security and subject matter expertise in at least one domain such as risk management, architecture and engineering, networks, identity and access management, assessment and testing, operations, or software development security
  • Works independently or with minimal guidance from manager/senior colleagues and may mentor/coach more junior colleagues. Handles most situations independently and with routine, receives minimal guidance, but will seek advice and guidance on more complex issues
  • Handles complex tasks such as scoping assessments, evaluating controls, proposing controls, and assessing risks with no defined procedures in place
  • Often sets directions and delivers results within security advisory role which have a significant impact to the stakeholders in areas such as risk management, assessment methodologies, and project timelines through application of expertise and established process
  • Leverages knowledge of topics such as information security threats, vulnerabilities, risks, networking, operating systems, application architecture, and cryptography to evaluate and define security controls
  • Serves as area specialist for security advisory and procedures supporting IT Security. Within these functions the individual recognizes and responds to stakeholder needs and ensures commitments are delivered upon
  • Operates common tools and systems for vulnerability assessment and penetration testing within approved scope and authorization. Applies subject matter knowledge to solve common needs such as verifying and reporting on vulnerabilities
  • Proactively works to provide advisory support to business application teams through activities such as attending projects meetings, learning business processes and systems, reviewing risk assessment documentation, and coordinating vendor assessments
  • Demonstrates ability to identify better practice and create improvements in methods, techniques, approaches, etc.
  • Participates in evaluation of new security tools, techniques, and technologies
  • Applies fundamental knowledge of programming, scripting, and markup languages such as C++, Java, Perl, Ruby, Python, PHP Visual Basic, ASP, HTML, XML, XSS, .Net/C# and shell scripting

 

Physical Requirements

0-10% overnight travel required.

Novo Nordisk requires all new hires, both Field and Office-based, to be fully vaccinated with a COVID-19 vaccine prior to the first date of employment. As required by applicable law, Novo Nordisk will consider requests for reasonable accommodation for those unable to be vaccinated. You will be required to upload an image of your COVID-19 vaccine card at the time of hire and/or on your first day of employment.

 

Qualifications

  • A Bachelor’s degree in Computer Science, Information Systems, or Information Security is required; relevant experience may be substituted for degree when appropriate
  • A minimum of 5 years of progressively responsible relevant experience
  • Ability to lead a project in the development and implementation of processes and technology
  • Ability to develop and maintain relationships within the global organization
  • Strong attentional to detail is required
  • Experience with incident response and digital forensics a plus
  • Vendor neutral technical certifications (SANS, ISC2, ISACA) preferred
  • Vendor sponsored and professional certifications (MCSE, RHCE, CCNP) desirable

 

We commit to an inclusive recruitment process and equality of opportunity for all our job applicants. 

 

At Novo Nordisk we recognize that it is no longer good enough to aspire to be the best company in the world. We need to aspire to be the best company for the world and we know that this is only possible with talented employees with diverse perspectives, backgrounds and cultures. We are therefore committed to creating an inclusive culture that celebrates the diversity of our employees, the patients we serve and communities we operate in. Together, we’re life changing.

 

Novo Nordisk is an equal opportunity employer. Qualified applicants will receive consideration for employment without regard to race, ethnicity, color, religion, sex, gender identity, sexual orientation, national origin, disability, protected veteran status or any other characteristic protected by local, state or federal laws, rules or regulations.

 

If you are interested in applying to Novo Nordisk and need special assistance or an accommodation to apply, please call us at 1-855-411-5290. This contact is for accommodation requests only and cannot be used to inquire about the status of applications.